156-215.81 Exam Dumps - Check Point Certified Security Administrator R81.20 CCSA (156-215.81.20)

Secure Internal Communication (SIC) is handled by the CPD process3. CPD is the Check Point Daemon that runs on all Check Point modules and handles internal licensing and SIC operations. SIC is a mechanism that ensures secure communication between Check Point components using certificates and encryption. References: Check Point R81 Security Management Administration Guide

The options to calculate the traffic direction are Incoming, Internal, and External3. Outgoing is not an option. Incoming traffic is traffic that enters the Security Gateway from an external network. Internal traffic is traffic that originates and terminates in networks that are directly connected to the Security Gateway. External traffic is traffic that originates or terminates in networks that are not directly connected to the Security Gateway. References: Check Point R81 Security Management Administration Guide

The following cannot be configured in an Access Role Object: Time4. An Access Role Object is a way to define a group of users based on four criteria: Networks, Users, Machines, and Locations5. Networks are IP addresses or network objects that represent the source or destination of the traffic. Users are user accounts or user groups from an identity source such as LDAP or RADIUS. Machines are endpoints that are identified by MAC addresses or certificates. Locations are geographical regions based on IP addresses. References: Check Point R81 Firewall Administration Guide, Check Point R81 Identity Awareness Administration Guide

 Application Control is the software blade that enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine. Application Control allows you to define granular rules for applications, web sites, web categories, web content types, and users. You can also use Application Control to monitor and block risky applications and web usage. References: [Application Control Administration Guide R80.40]

The two ordered layers that make up the Access Control Policy Layer are Network and Threat Prevention. Network layer contains rules that define how traffic is inspected and handled by the Security Gateway. Threat Prevention layer contains rules that define how traffic is inspected by the Threat Prevention Software Blades2. References: Check Point R81 Security Management Administration Guide